@ternent/seal-cli 0.1.8 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/README.md +13 -13
  2. package/dist/chunks/crypto-38954ec7.js +2068 -0
  3. package/dist/chunks/crypto-38954ec7.js.map +1 -0
  4. package/dist/chunks/{utils.es-586f669f.js → utils.es-7e2ade90.js} +2 -7
  5. package/dist/chunks/{utils.es-586f669f.js.map → utils.es-7e2ade90.js.map} +1 -1
  6. package/dist/cli.js +23 -29
  7. package/dist/cli.js.map +1 -1
  8. package/dist/crypto.js +1 -248
  9. package/dist/crypto.js.map +1 -1
  10. package/dist/index.js +3 -3
  11. package/dist/manifest.js +1 -1
  12. package/dist/proof.js +25 -18
  13. package/dist/proof.js.map +1 -1
  14. package/package.json +2 -2
package/README.md CHANGED
@@ -10,15 +10,14 @@ pnpm add -D @ternent/seal-cli
10
10
 
11
11
  ## Environment
12
12
 
13
- `@ternent/seal-cli` reads signer material from environment variables:
13
+ `@ternent/seal-cli` reads signer material from a v2 identity JSON payload:
14
14
 
15
15
  ```bash
16
- export SEAL_PRIVATE_KEY="$(cat private-key.pem)"
17
- export SEAL_PUBLIC_KEY="$(cat public-key.pem)"
16
+ export SEAL_IDENTITY="$(cat identity.json)"
17
+ # or
18
+ export SEAL_IDENTITY_FILE="./identity.json"
18
19
  ```
19
20
 
20
- `SEAL_PUBLIC_KEY` is optional. If it is present, Seal verifies that it matches `SEAL_PRIVATE_KEY`.
21
-
22
21
  ## Commands
23
22
 
24
23
  ```bash
@@ -36,8 +35,7 @@ Use the published GitHub Action:
36
35
  - name: Generate Seal artifacts
37
36
  uses: samternent/seal-action@v1
38
37
  env:
39
- SEAL_PRIVATE_KEY: ${{ secrets.SEAL_PRIVATE_KEY }}
40
- SEAL_PUBLIC_KEY: ${{ secrets.SEAL_PUBLIC_KEY }}
38
+ SEAL_IDENTITY: ${{ secrets.SEAL_IDENTITY }}
41
39
  with:
42
40
  assets-directory: dist
43
41
  package-name: @ternent/seal-cli
@@ -88,9 +86,9 @@ Proof:
88
86
 
89
87
  ```json
90
88
  {
91
- "version": "1",
89
+ "version": "2",
92
90
  "type": "seal-proof",
93
- "algorithm": "ECDSA-P256-SHA256",
91
+ "algorithm": "Ed25519",
94
92
  "createdAt": "2026-03-13T00:00:00.000Z",
95
93
  "subject": {
96
94
  "kind": "manifest",
@@ -98,7 +96,7 @@ Proof:
98
96
  "hash": "sha256:..."
99
97
  },
100
98
  "signer": {
101
- "publicKey": "BASE64-SPKI",
99
+ "publicKey": "BASE64URL-RAW-ED25519-PUBLIC-KEY",
102
100
  "keyId": "..."
103
101
  },
104
102
  "signature": "..."
@@ -109,8 +107,10 @@ Public key:
109
107
 
110
108
  ```json
111
109
  {
112
- "algorithm": "ECDSA-P256-SHA256",
113
- "publicKey": "BASE64-SPKI",
110
+ "version": "2",
111
+ "type": "seal-public-key",
112
+ "algorithm": "Ed25519",
113
+ "publicKey": "BASE64URL-RAW-ED25519-PUBLIC-KEY",
114
114
  "keyId": "..."
115
115
  }
116
116
  ```
@@ -123,7 +123,7 @@ Public key:
123
123
  - `/proof.json`
124
124
  - `/public-key.json` (optional)
125
125
 
126
- Browser verification reuses `@ternent/seal-cli/proof`, `@ternent/seal-cli/crypto`, `ternent-identity`, and `ternent-utils`.
126
+ Browser verification reuses `@ternent/seal-cli/proof`, `@ternent/seal-cli/crypto`, `@ternent/identity`, and `ternent-utils`.
127
127
 
128
128
  Validation rules:
129
129